cryptography


Cryptography is one of the foundations of information security. The word is derived from the Greek kryptos, meaning "hidden, secret". Cryptography and cryptanalysis together make up cryptology. Cryptography is most often associated with scrambling plaintext (ordinary text, sometimes referred to as cleartext) into ciphertext (a process called encryption), then back again (decryption). Modern cryptography concerns itself with four objectives:

1) Confidentiality: the information cannot be understood by anyone for whom it was unintended.
2) Integrity: the information cannot be altered in storage or in transit between sender and intended receiver without the alteration being detected.
3) Non-repudiation: the creator/sender of the information cannot later deny having created or transmitted it.
4) Authentication: the sender and receiver can confirm each other's identity and the origin/destination of the information.

Procedures and protocols that meet some or all of the above criteria are known as cryptosystems.

Important Features of Security

Security requirements (informal statements; formal ones are much harder):
• Confidentiality: protection from disclosure to unauthorized persons.
• Integrity: assurance that information has not been modified without authorization.
• Authentication: assurance of the identity of the originator of information.
• Non-repudiation: the originator cannot deny having sent the message.
• Availability: the system can be used, and communication can take place, whenever desired (the corresponding threat is denial of service).
• Anonymity/Pseudonymity: needed for applications like voting and instructor evaluation.
• Resistance to traffic analysis: an observer should not even learn who is communicating with whom.

Why? Emerging applications such as online voting and auctions (more later).


Caesar Cipher: replace each letter of the message by the letter a fixed distance further along the alphabet (Caesar reputedly used a shift of 3). The mapping is
ABCDEFGHIJKLMNOPQRSTUVWXYZ
DEFGHIJKLMNOPQRSTUVWXYZABC
Example: I CAME I SAW I CONQUERED becomes L FDPH L VDZ L FRQTXHUHG. Because only 25 non-trivial shifts exist, the cipher is broken by simply trying them all.

Hash functions are also called message digests and are sometimes loosely described as "one-way encryption"; strictly, they use no key and are not reversible, so they are not encryption at all.

Cryptography is the study of secret (crypto-) writing (-graphy).

Basic Concepts
• Cryptography: the art or science encompassing the principles and methods of transforming an intelligible message into one that is unintelligible, and then retransforming that message back to its original form.
• Plaintext: the original intelligible message.
• Ciphertext: the transformed message.
• Cipher: an algorithm for transforming an intelligible message into an unintelligible one by transposition and/or substitution.
• Key: some critical information used by the cipher, known only to the sender and receiver.
• Encipher: the process of converting plaintext to ciphertext (often called "encode", although encoding properly refers to keyless transformations such as Base64).
• Decipher: the process of converting ciphertext back into plaintext.

• Cryptanalysis: the study of principles and methods of transforming an unintelligible message back into an intelligible message without knowledge of the key. Also called codebreaking.
• Cryptology: both cryptography and cryptanalysis.

History
Ancient ciphers have a history of at least 4000 years. The ancient Egyptians enciphered some of their hieroglyphic writing on monuments. The ancient Hebrews enciphered certain words in the scriptures. 2000 years ago Julius Caesar used a simple substitution cipher, now known as the Caesar cipher. Roger Bacon described several methods in the 1200s.

Classical Cryptographic Techniques
Two basic components of classical ciphers:
• Substitution: letters are replaced by other letters.
• Transposition: letters are arranged in a different order.
These ciphers may be:
• Monoalphabetic: only one substitution/transposition is used, or
• Polyalphabetic: several substitutions/transpositions are used.
Polyalphabetic substitution uses more than one substitution alphabet, which flattens the letter-frequency statistics of the ciphertext and makes cryptanalysis harder.

Symmetric-key cryptography refers to encryption methods in which both the sender and receiver share the same key. It comes in two forms, block ciphers (DES, AES) and stream ciphers. Hash functions such as MD5 and SHA-2 are often taught alongside symmetric primitives but take no key at all; note that MD5 is no longer collision-resistant and should not be used in new designs, whereas SHA-2 remains current.

Asymmetric-key (public-key) cryptography: each party holds a key pair. The public key is typically used for encryption, while the private (secret) key is used for decryption. Ronald Rivest, Adi Shamir and Len Adleman invented RSA, the best-known public-key algorithm, in 1977.

Cryptanalysis
The goal of cryptanalysis is to find some weakness or insecurity in a cryptographic scheme. It is a common misconception that every encryption method can be broken: the one-time pad is provably unbreakable, and well-designed modern ciphers are breakable only at a cost far beyond any attacker's means. Attack models are distinguished by what the attacker has in addition to knowing the algorithm:

• Ciphertext only: the algorithm and some ciphertext.
• Known plaintext: the algorithm, ciphertext, and one or more plaintext/ciphertext pairs.
• Chosen plaintext: the algorithm, ciphertext, and the ciphertexts of plaintexts the attacker chose.
• Chosen ciphertext: the algorithm, ciphertext, and the plaintexts of ciphertexts the attacker chose.
• Chosen text: the algorithm, ciphertext, and both chosen plaintexts with their ciphertexts and chosen ciphertexts with their plaintexts.
• Brute force: exhaustive search of the keyspace, available against any scheme whose keyspace is small enough to enumerate.

Security Mechanism
• System security: "nothing bad happens to my computers and equipment" (viruses, trojan horses, logic/time bombs, ...).
• Network security: authentication mechanisms ("you are who you say you are"); access control, firewalls, proxies ("who can do what").
• Data security: "for your eyes only" (encryption, digests, signatures).

However, with a digital signature you have only done half of the work, and that is the easy half. The digital signature does not tell you "the author is Bob". It tells you "the author is whoever controls the private key associated with this public key". You still need a way to reliably (in the sense of: acceptable as proof) link Bob's public key with Bob's identity. This is where certificates come in. A certificate is a piece of data which contains an identity ("Bob") and a public key, and is signed by a Certification Authority (CA): when the CA signs the certificate, it asserts "this is the public key owned by that person". Since the CA itself uses a digital signature, it also falls under the scope of non-repudiation: the certificate "proves" that the public key is Bob's only insofar as the CA is honest and used reliable procedures.

50 B.C.: Julius Caesar uses a cryptographic technique.

Terms
• Plaintext: text that is in readable form.
• Ciphertext: the result of applying the encryption algorithm and key to plaintext.
• Key: a sequence that controls the operation and behaviour of the cryptographic algorithm.
• Keyspace: the total number of possible key values in a crypto algorithm.
• Initialization Vector (IV): a value supplied alongside the key so that encrypting the same plaintext twice does not produce the same ciphertext. It need not be secret, but for modes such as CBC it must be unpredictable and must never be reused under the same key.
• Cryptosystem: the combination of algorithm, key and key-management functions used to perform cryptographic operations.

Keys are the parameters that determine how an algorithm converts a document into a secret document. Keys are of two types:

Symmetric
• DES (Data Encryption Standard) and derivatives: double DES and triple DES
• IDEA (International Data Encryption Algorithm)
• Blowfish
• RC5 (Rivest Cipher #5)
• AES (Advanced Encryption Standard)

Asymmetric
• RSA (Rivest, Shamir, Adleman)
• DH (Diffie-Hellman Key Agreement Algorithm)
• ECDH (Elliptic Curve Diffie-Hellman Key Agreement Algorithm)
• RPK (Raike Public Key)

A key is symmetric if the same key is used both for encryption and decryption; a key pair is asymmetric if different keys are used for encryption and decryption.

Examples of symmetric key methods and their key sizes:
• DES: 56-bit
• Triple DES: 112-bit (two-key) or 168-bit (three-key)
• AES: 128, 192 or 256-bit
• Blowfish: 32 to 448-bit (128-bit is typical)

Asymmetric key methods: RSA (Rivest, Shamir and Adleman, then at MIT). PGP (Phil Zimmermann) is often listed here but is an application rather than an algorithm; it uses RSA (and, in later versions, DSA/ElGamal) for its public-key operations.

Steganography is the method of hiding secret messages in an ordinary document. Steganography by itself does not encrypt (although the hidden message may be encrypted first) and does not increase the file size of the carrier. Example: use the low-order bits of pixel colour values to hold the message.

Hash functions generate a digest of the message. A substitution cipher involves replacing a letter with another character of the same alphabet set. A mono-alphabetic system uses a single alphabetic set for substitutions.


A poly-alphabetic system uses multiple alphabetic sets for substitutions. The Caesar cipher is a mono-alphabetic system in which each character is replaced by the third character in succession; Julius Caesar used this method of encryption.

Hash algorithms take an arbitrary-length message and create a fixed-length digest known as a message digest. Well-known hash algorithms are MD4 and MD5, designed by Ron Rivest at MIT (not for NIST, whose own family is SHA). Both MD4 and MD5 are now broken with respect to collisions and should not be used in new systems.

Block ciphers use blocks of text instead of single characters. Electronic code book (ECB) mode encrypts each plaintext block independently, so identical plaintext blocks generate identical ciphertext blocks and patterns in the plaintext show through the ciphertext. Cipher block chaining (CBC) mode uses a feedback loop: each plaintext block is XORed with the previous ciphertext block (the first block with an IV) before encryption. CBC therefore eliminates identical ciphertext for identical plaintext blocks, provided the IV is unpredictable and not reused under the same key.

Public Key Infrastructure (PKI) is the set of components (certificate authorities, registration, distribution and revocation) that binds public keys to identities. Older texts describe it as a government initiative; it is a general framework used by governments and industry alike. Public-key cryptography itself dates from the 1970s, and although a single universal PKI never materialised, parts of the system are in extensive use today, namely Digital Certificates and Digital Signatures (every TLS connection relies on them). Digital Certificates are issued by trusted third parties, known as Certificate Authorities (CAs). Verisign (spun off from RSA Data Security) is a CA. Any organization can act as a CA as long as there are people willing to believe its assessment of authenticity.

Attacks
• Brute force: trying all key values in the keyspace.
• Frequency analysis: guessing substitutions from the frequency of occurrence of symbols in the ciphertext.
• Dictionary attack: finding the plaintext or key by trying common words.
• Replay attack: repeating previously captured valid values (for example a captured authentication token).
• Factoring attacks: recovering RSA private keys by factoring the modulus into its prime factors.


Attack models and side channels
• Ciphertext only: only ciphertext is available.
• Known plaintext: the format or content of some plaintext is available together with its ciphertext.
• Chosen plaintext: the attacker can obtain the encryption of plaintext of his choice.
• Chosen ciphertext: the attacker can obtain the decryption of ciphertext of his choice and uses it to discover the key or other plaintexts.
• Differential Power Analysis: a side-channel attack that recovers key material from the power consumption of the device performing the cryptographic operation rather than from the ciphertext.
• Reconnaissance: identifying the algorithm and key length in use, which determines which of the above attacks is feasible.

A digital signature by itself does not confirm identity; a Public Key Infrastructure provides a trusted third party's confirmation of a sender's identity, and a Certification Authority is the trusted third party that issues identity certificates.

Common Types of Network Attacks
Without security measures and controls in place, your data might be subjected to an attack. Some attacks are passive, meaning information is monitored; others are active, meaning the information is altered with intent to corrupt or destroy the data or the network itself. Your networks and data are vulnerable to any of the following types of attacks if you do not have a security plan in place.

Eavesdropping
Historically the majority of network communications occurred in an unsecured or "cleartext" format (and many internal and legacy protocols still do), which allows an attacker who has gained access to data paths in your network to "listen in" or interpret (read) the traffic. When an attacker is eavesdropping on your communications, it is referred to as sniffing or snooping. The ability of an eavesdropper to monitor the network is generally the biggest security problem that administrators face in an enterprise. Without strong encryption services that are based on cryptography, your data can be read by others as it traverses the network.

Data Modification
After an attacker has read your data, the next logical step is to alter it. An attacker can modify the data in the packet without the knowledge of the sender or receiver. Even if you do not require confidentiality for all communications, you do not want any of your messages to be modified in transit. For example, if you are exchanging purchase requisitions, you do not want the items, amounts, or billing information to be modified.

Identity Spoofing (IP Address Spoofing) Most networks and operating systems use the IP address of a computer to identify a valid entity. In certain cases, it is possible for an IP address to be falsely assumed— identity spoofing. An attacker might also use special programs to construct IP packets that appear to originate from valid addresses inside the corporate intranet. After gaining access to the network with a valid IP address, the attacker can modify, reroute, or delete your data. The attacker can also conduct other types of attacks, as described in the following sections.

Password-Based Attacks A common denominator of most operating system and network security plans is password-based access control. This means your access rights to a computer and network resources are determined by who you are, that is, your user name and your password. Older applications do not always protect identity information as it is passed through the network for validation. This might allow an eavesdropper to gain access to the network by posing as a valid user. When an attacker finds a valid user account, the attacker has the same rights as the real user. Therefore, if the user has administrator-level rights, the attacker also can create accounts for subsequent access at a later time. After gaining access to your network with a valid account, an attacker can do any of the following: • Obtain lists of valid user and computer names and network information. • Modify server and network configurations, including access controls and routing tables. • Modify, reroute, or delete your data.

Denial-of-Service Attack
Unlike a password-based attack, the denial-of-service attack prevents normal use of your computer or network by valid users. After gaining access to your network, the attacker can do any of the following:
• Divert the attention of your internal Information Systems staff so that they do not see the intrusion immediately, which allows the attacker to make more attacks during the diversion.
• Send invalid data to applications or network services, which causes abnormal termination or behavior of the applications or services.
• Flood a computer or the entire network with traffic until a shutdown occurs because of the overload.
• Block traffic, which results in a loss of access to network resources by authorized users.

Man-in-the-Middle Attack As the name indicates, a man-in-the-middle attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently. For example, the attacker can re-route a data exchange. When computers are communicating at low levels of the network layer, the computers might not be able to determine with whom they are exchanging data. Man-in-the-middle attacks are like someone assuming your identity in order to read your message. The person on the other end might believe it is you because the attacker might be actively replying as you to keep the exchange going and gain more information. This attack is capable of the same damage as an application-layer attack, described later in this section.

Compromised-Key Attack
A key is a secret code or number necessary to interpret secured information. Although obtaining a key is a difficult and resource-intensive process for an attacker, it is possible. After an attacker obtains a key, that key is referred to as a compromised key. An attacker uses the compromised key to gain access to a secured communication without the sender or receiver being aware of the attack. With the compromised key, the attacker can decrypt or modify data, and try to use the compromised key to compute additional keys, which might allow the attacker access to other secured communications.

Sniffer Attack A sniffer is an application or device that can read, monitor, and capture network data exchanges and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet. Even encapsulated (tunneled) packets can be broken open and read unless they are encrypted and the attacker does not have access to the key. Using a sniffer, an attacker can do any of the following: • Analyze your network and gain information to eventually cause your network to crash or to become corrupted. • Read your communications.

Application-Layer Attack
An application-layer attack targets application servers by deliberately causing a fault in a server's operating system or applications. This results in the attacker gaining the ability to bypass normal access controls. The attacker takes advantage of this situation, gaining control of your application, system, or network, and can do any of the following:
• Read, add, delete, or modify your data or operating system.
• Introduce a virus program that uses your computers and software applications to copy viruses throughout your network.
• Introduce a sniffer program to analyze your network and gain information that can eventually be used to crash or corrupt your systems and network.
• Abnormally terminate your data applications or operating systems.
• Disable other security controls to enable future attacks.

Exploitation of known weaknesses in programs
Some programs and network services were not originally designed with strong security in mind and are inherently vulnerable to attack. The BSD remote services (rlogin, rexec, etc.) are an example. The best way to protect yourself against this type of attack is to disable any vulnerable services or find alternatives. With open source software it is sometimes possible to repair the weaknesses yourself.

Denial of service
Denial of service attacks cause the service or program to cease functioning or prevent others from making use of it. These may be performed at the network layer by sending carefully crafted and malicious datagrams that cause network connections to fail. They may also be performed at the application layer, where carefully crafted application commands are given to a program that cause it to become extremely busy or stop functioning. Preventing suspicious network traffic from reaching your hosts and preventing suspicious program commands and requests are the best ways of minimizing the risk of a denial of service attack. It is useful to know the details of the attack method, so you should educate yourself about each new attack as it gets publicized.

Spoofing
This type of attack causes a host or application to mimic the actions of another. Typically the attacker pretends to be an innocent host by forging the source IP address in network packets. For example, a well-documented exploit of the BSD rlogin service uses this method to mimic a TCP connection from a trusted host by guessing TCP sequence numbers: the attacker never sees the server's replies, so the attack works only if the initial sequence number the server will choose is predictable. To protect against this type of attack, verify the authenticity of datagrams and commands, prevent routing of datagrams with invalid source addresses, and introduce unpredictability into connection control mechanisms such as TCP initial sequence numbers and the allocation of dynamic port numbers.

Eavesdropping
This is the simplest type of attack. A host is configured to "listen" to and capture data not belonging to it. Carefully written eavesdropping programs can take usernames and passwords from user login network connections. Broadcast networks like hub-based Ethernet are especially vulnerable to this type of attack. To protect against this type of threat, avoid the use of broadcast network technologies and enforce the use of data encryption.

IP firewalling is very useful in preventing or reducing unauthorized access, network-layer denial of service, and IP spoofing attacks. It is not very useful in preventing exploitation of weaknesses in network services or programs, or eavesdropping.
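The sequence-number guessing behind the rlogin spoofing attack, and the "introduce unpredictability" defence, as an added worked example that is not part of the original text. `BerkeleyStyleISN` models the early BSD behaviour (the initial sequence number advances by a constant per connection); `HashedISN` models the RFC 6528 construction ISN = M + F(localip, localport, remoteip, remoteport, secret), with the clock M simplified to a counter and F truncated from SHA-256. The addresses and ports are constructed sample values.

```python
"""Predictable versus randomized TCP initial sequence numbers (ISNs).

Added example, not from the original text. Models the ISN generator only;
no packets are sent.
"""
import hashlib
import secrets

MASK32 = 0xFFFFFFFF


class BerkeleyStyleISN:
    """Old 4.2BSD scheme: the ISN increments by a constant per new connection."""
    STEP = 64_000

    def __init__(self):
        self.last = 0

    def next_isn(self, src: str, sport: int, dst: str, dport: int) -> int:
        self.last = (self.last + self.STEP) & MASK32
        return self.last


class HashedISN:
    """RFC 6528 style: ISN = M + F(4-tuple, secret), F fixed per connection."""

    def __init__(self, secret: bytes = None):
        self.secret = secret if secret is not None else secrets.token_bytes(16)
        self.clock = 0                  # M: stands in for the 4-microsecond timer

    def next_isn(self, src: str, sport: int, dst: str, dport: int) -> int:
        self.clock = (self.clock + 1) & MASK32
        conn = f"{src}:{sport}>{dst}:{dport}".encode()
        f = int.from_bytes(hashlib.sha256(self.secret + conn).digest()[:4], "big")
        return (self.clock + f) & MASK32


def sequence_guess_attack(generator) -> bool:
    """The attacker opens a real connection to learn an ISN, then forges a SYN
    from a trusted host and must guess the ISN the server will pick for it
    (she never sees the SYN/ACK). Returns True if the linear guess is right."""
    observed = generator.next_isn("10.0.0.2", 513, "10.0.0.66", 40000)  # server -> attacker
    guess = (observed + BerkeleyStyleISN.STEP) & MASK32                   # assumes linear ISNs
    actual = generator.next_isn("10.0.0.2", 513, "10.0.0.7", 1023)       # server -> spoofed host
    return guess == actual


def same_connection_monotonic(generator, n: int = 3) -> bool:
    """For one 4-tuple the hashed ISN still advances like a clock, which is what
    RFC 6528 preserves so that old segments of a reused connection are not confused."""
    isns = [generator.next_isn("10.0.0.2", 513, "10.0.0.7", 1023) for _ in range(n)]
    return all(((b - a) & MASK32) == 1 for a, b in zip(isns, isns[1:]))


if __name__ == "__main__":
    print("linear ISN guessed:", sequence_guess_attack(BerkeleyStyleISN()))
    print("hashed ISN guessed:", sequence_guess_attack(HashedISN()))
```

Against the linear generator the forged connection's ISN is exactly `observed + STEP`, so the attacker can complete the three-way handshake blind; against the hashed generator the per-connection offset F differs for the spoofed 4-tuple and the guess fails, while ISNs for any single 4-tuple keep their monotonic, clock-like spacing.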

Encryption
Symmetric Cryptography (stream ciphers or block ciphers)
• DES – The Data Encryption Standard (DES) is a 64-bit block cipher with a 56-bit key; the key is too short for modern use.
• Blowfish – Symmetric 64-bit block cipher developed by Bruce Schneier.
• CAST5 & CAST6 – Developed by Carlisle Adams and Stafford Tavares. CAST5 (CAST-128) is a 64-bit block cipher with keys of 40 to 128 bits; CAST6 (CAST-256) uses 128-bit blocks.
• Twofish – A symmetric block cipher using a maximum key length of 256 bits and a block size of 128 bits. Created by Kelsey, Hall, Ferguson, Wagner, Whiting and Schneier as an AES candidate.
• 3-Key 3DES – The triple data encryption standard algorithm. A DES-based symmetric algorithm which uses three DES keys: a block of plaintext is encrypted with the first key, the result is passed through the decryption algorithm with the second key, and that result is encrypted with the third key. Extends the strength of DES (168-bit key, roughly 112 bits of effective security).
• 2-Key 3DES – An encryption configuration in which the DES algorithm is used three times with only two keys; one key is used twice.
• AES/Rijndael – Iterated block cipher with block and key lengths selectable from 128, 192 or 256 bits (the AES standard fixes the block length at 128 bits). Developed by Joan Daemen and Vincent Rijmen of Belgium.
• IDEA – International Data Encryption Algorithm. A block cipher operating on 64-bit plaintext blocks with a 128-bit key. Developed in Switzerland.
• KASUMI (A5/3) – International standard encryption for third-generation W-CDMA mobile communications.
• MARS – IBM AES candidate; a shared-key (symmetric) block cipher supporting 128-bit blocks and variable key lengths.
• RC2 – A 64-bit block cipher with a variable-size key.
• RC4/Arcfour – A variable-key-length stream cipher designed by Ron Rivest. Once a proprietary algorithm of RSA Data Security, Inc.; now considered broken and prohibited in TLS.
• RC5 – Block cipher with several word-length options, suitable for hardware or software applications.
• RC6 – RSA Laboratories AES candidate; symmetric block cipher supporting 128-bit blocks and variable key lengths.
• SAFER-SK – An iterated block cipher with 64- or 128-bit plaintext and ciphertext blocks.
• SEA – Sapher Encryption Algorithm. Approved in 70 countries and rated as strong crypto by the U.S. and U.K. governments (vendor claim).
• Serpent – An AES candidate proposed by Ross J. Anderson (United Kingdom), Eli Biham (Israel) and Lars R. Knudsen (Norway). Serpent encrypts a 128-bit plaintext block to a 128-bit ciphertext block in 32 rounds under the control of 33 128-bit sub-keys.
• SEAL – Software-optimized Encryption Algorithm. A fast stream cipher for 32-bit machines designed by Rogaway and Coppersmith.
• Skipjack – A block cipher developed by the U.S. National Security Agency (originally for the Clipper chip).

Asymmetric Cryptography
• Diffie-Hellman – The first published public-key algorithm; uses exponential key exchange.


• ECKAS-DH – Elliptic Curve Key Agreement Scheme, Diffie-Hellman version.
• ElGamal – A public-key encryption scheme (with a related signature scheme) based on the discrete logarithm problem; its encryption is usually used to transport a symmetric session key rather than long messages.
• RPK – Raike Public Key. A public-key encryption algorithm based on the same math as Diffie-Hellman key exchange in GF(2^n) using maximal-length LFSRs. Can also be implemented based on multiplicative congruential generators in GF(p) or elliptic curve groups.
• RSA – Algorithm invented by Ron Rivest, Adi Shamir and Len Adleman.
• ECES – Elliptic Curve Encryption Scheme. A public-key encryption scheme for encrypting and decrypting.

Message Digest / Hash
• GOST – A 256-bit cryptographic hash function (GOST R 34.11-94).
• HMAC – Used for message integrity checks between two parties that share a secret key; works in combination with a digest algorithm, historically MD5 or SHA-1 and today usually SHA-2.
• MD2 – A cryptographic hash function developed by Ronald Rivest in 1989.
• MD4 – A message digest algorithm (the fourth in a series) designed by Professor Ronald Rivest of MIT in 1990 for use in message integrity checks. The digest length is 128 bits.
• MD5 – Replaced the earlier hash function MD4. Both are broken: practical collisions exist for MD5, and neither should be used for signatures or integrity.
• MD6 – Uses a Merkle-tree-like structure to allow massive parallel computation of hashes for very long inputs.
• SHA-0 – The withdrawn first version of SHA.
• SHA-1 – Secure Hash Algorithm revision one (160-bit digest; collisions were demonstrated in 2017).
• SHA-2 – Secure Hash Algorithm family comprising SHA-224, SHA-256, SHA-384 and SHA-512.
• RIPEMD-128, RIPEMD-160, RIPEMD-256, RIPEMD-320 – RIPEMD was developed in the framework of the EU project RIPE.
• Tiger
• Whirlpool – A hash designed after the Square block cipher.

Random Number Generation
• FIPS 186 – A pseudo-random number generator scheme built around SHA-1, standardized by NIST in an appendix of the Digital Signature Standard.
• RPK – Raike Public Key (as above).
• ANSI X9.31 – A pseudo-random number generator using 3-key 3DES or AES.
• ANSI X9.62 – The ECDSA signature standard; it is listed under random number generation in the source, but it is a signature standard, not a generator.

Key Exchange
• Diffie-Hellman – The first published public-key algorithm; uses exponential key exchange.
• Modified Diffie-Hellman – Session key exchange.
• ECKAS-DH – Elliptic Curve Key Agreement Scheme, Diffie-Hellman version. The input to the scheme is a set of elliptic curve parameters (aka ECDH).
• ECKAS-MQV – Elliptic Curve Key Agreement Scheme, MQV version. Establishes one or more shared secrets between two parties for subsequent use. Involves the public and private keys of the users.
• KEA – Key Exchange Algorithm (U.S. government).
• RPK – Raike Public Key (as above).
• RSA – Algorithm invented by Ron Rivest, Adi Shamir and Len Adleman; used for key transport by encrypting a session key under the recipient's public key.

Digital Signature (Data authentication and Non-repudiation)
• DSA – Digital Signature Algorithm. A public-key digital signature algorithm proposed by NIST for use in the Digital Signature Standard (DSS).
• ECAES – Elliptic Curve Authentication Encryption Scheme. Analogous to ECES, plus it provides verification of the integrity of the original message.
• ECDSA – Elliptic curve analogue of DSA. Uses a signature operation and a verification operation for data integrity and entity authentication. Standardized in ANSI X9.62, FIPS 186 and IEEE 1363.
• ECNR – Elliptic Curve Nyberg-Rueppel. Scheme with message appendix; consists of a signature operation and a verification operation.
• RPK – Raike Public Key (as above).
• RSA – Algorithm invented by Ron Rivest, Adi Shamir and Len Adleman.

Cryptography - The Science of Secrecy


Ankit Jain

Types of Cryptosystem There are two basic types of cryptosystems: a) Secret-key cryptosystem b) Public-key cryptosystem

Secret-key cryptosystem
A secret-key cryptosystem, or traditional cryptography, is also referred to as symmetric cryptography. In this system the sender and receiver of a message know and use the same secret key: the sender uses the secret key to encrypt the message, and the receiver uses the same secret key to decrypt it.
Fig: Symmetric (Secret-Key) Cryptography

The main challenge is getting the sender and receiver to agree on the secret key without anyone else finding out. Anyone who overhears or intercepts the key in transit can later read, modify and forge all messages encrypted or authenticated using that key. All cryptosystems must deal with key management issues. Because all keys in a secret-key cryptosystem must remain secret, secret-key cryptography often has difficulty providing secure key management. When this text was written, the most popular secret-key cryptosystem was the Data Encryption Standard (DES); its 56-bit key has long been brute-forceable and it has been superseded by AES. Other examples are IDEA, Blowfish, etc.

Public-key cryptosystem
A public-key cryptosystem is also referred to as asymmetric cryptography; each user has a pair of keys, (1) a public key and (2) a private key. The public key is made public while the private key remains secret. Encryption is performed with the public key while decryption is done with the private key. The need for the sender and receiver to share secret information is eliminated; all communications involve only public keys, and no private key is ever transmitted or shared. In this system, it is no longer necessary to trust the confidentiality of the communication channel. The only requirement is that public keys be associated with their users in a trusted (authenticated) manner (for instance, in a trusted directory or through certificates). Anyone can send a confidential message by just using public information, but the message can only be decrypted with the private key, which is in the sole possession of the intended recipient.
Fig: Asymmetric (Public Key) Cryptography

Furthermore, public-key cryptography can be used not only for privacy (encryption), but also for authentication (digital signatures) and other various techniques. The implementation of public key cryptography requires several supporting components to handle key creation, distribution and revocation – the components form a Public Key Infrastructure (PKI). The RSA public-key cryptosystem is the most popular form of public-key cryptography.

Which is better? On one hand, secret-key cryptography is fast and easy to implement in hardware. On the other hand, it requires a secure channel for exchanging the secret key, and it takes extra effort to authenticate the sender, since anyone holding the shared key could have produced a message. Public-key cryptography does not require a trusted (secure) channel, because the private key is never transmitted or shared; what it does require is a trustworthy binding between public keys and their owners. The primary advantage of public-key cryptography is increased security and convenience because private keys never need to be transmitted. Another major advantage of public-key systems is that they can provide digital signatures that cannot be repudiated. The main disadvantage of public-key cryptography is speed: there are many secret-key encryption methods that are significantly faster than any currently available public-key encryption method. In some situations, public-key cryptography is not necessary and secret-key cryptography alone is sufficient. These include environments where secure secret-key distribution can take place, for example by users meeting in private. Public-key cryptography is usually not necessary in a single-user environment. For example, if you want to keep your personal files encrypted, you can do so with any secret-key encryption algorithm, deriving the key from your personal password with a password-based key derivation function. In general, public-key cryptography is best suited for an open multi-user environment.

A mixture of both
The drawback of the public-key system is the slowness of the encryption/decryption process, which makes it almost useless for processing big files (as a rough rule of thumb from the period, DES in software was about 100 times faster than RSA, and in hardware about 1000 times faster). To avoid this, a combination of public and symmetric keys can be used, as shown below. At encryption time, the plaintext is encrypted with a freshly generated symmetric (session) key. The symmetric key itself is then encrypted with the public key of the recipient and stored at the end of the file. At decryption time, the recipient's private key is used to decrypt the symmetric key, which is then used to decrypt the message.
Fig: Mixture of Asymmetric and Symmetric Cryptography

This technique is used, for example, by PGP (Pretty Good Privacy). Classic PGP 2.x used IDEA for the symmetric part and RSA for the public-key part; current OpenPGP implementations such as GnuPG use AES with RSA or elliptic-curve keys. Another public-key system widely used to agree on secret keys is the Diffie-Hellman protocol. On its own Diffie-Hellman provides no authentication: the exchanged values must be signed or certified, otherwise a man-in-the-middle can substitute values of its own and share a different key with each side.
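The Diffie-Hellman exchange, and the man-in-the-middle attack described earlier under "Man-in-the-Middle Attack", as an added worked example that is not part of the original text. Both sides' messages are shown in the honest exchange; in the second scenario Mallory sits between Alice and Bob and substitutes her own public values. The group is a 64-bit safe prime generated at import time from a seeded generator so the example is self-contained; that size is an assumption for demonstration only, and real deployments use standardized 2048-bit or larger groups (RFC 3526/7919) or elliptic curves.

```python
"""Diffie-Hellman key agreement, and why it must be authenticated.

Added example, not from the original text. Standard library only.
"""
import hashlib
import random
import secrets

_MR_RNG = random.Random(7)   # seeded witness source for the primality test (demo only)


def is_probable_prime(n: int, rounds: int = 32, rng: random.Random = _MR_RNG) -> bool:
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def generate_safe_prime(bits: int, rng: random.Random) -> int:
    """Return p = 2q + 1 with p and q both prime, so every g in 2..p-2 has large order."""
    while True:
        q = rng.getrandbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q, rng=rng) and is_probable_prime(2 * q + 1, rng=rng):
            return 2 * q + 1


GROUP_P = generate_safe_prime(64, random.Random(2024))   # toy group (assumption)
GROUP_G = 2


class Party:
    """One endpoint; holds the secret exponent and publishes g^secret mod p."""

    def __init__(self, p: int, g: int):
        self.p, self.g = p, g
        self.secret = secrets.randbelow(p - 2) + 1        # private exponent a
        self.public = pow(g, self.secret, p)               # sent in the clear: g^a mod p

    def shared_key(self, peer_public: int) -> bytes:
        if not 1 < peer_public < self.p - 1:              # reject 0, 1, p-1 (small subgroups)
            raise ValueError("invalid peer public value")
        shared = pow(peer_public, self.secret, self.p)     # (g^b)^a = g^ab mod p
        width = (self.p.bit_length() + 7) // 8
        return hashlib.sha256(shared.to_bytes(width, "big")).digest()   # derive a key


def honest_exchange(p: int, g: int) -> tuple:
    alice, bob = Party(p, g), Party(p, g)
    # Message 1, Alice -> Bob: A = g^a mod p.  Message 2, Bob -> Alice: B = g^b mod p.
    return alice.shared_key(bob.public), bob.shared_key(alice.public)


def mitm_exchange(p: int, g: int) -> tuple:
    """Mallory intercepts both messages and replaces them with her own values."""
    alice, bob = Party(p, g), Party(p, g)
    mallory_to_bob, mallory_to_alice = Party(p, g), Party(p, g)   # one key pair per victim
    # Alice -> [Mallory] -> Bob: Bob receives Mallory's value instead of A.
    # Bob -> [Mallory] -> Alice: Alice receives Mallory's value instead of B.
    k_alice = alice.shared_key(mallory_to_alice.public)
    k_bob = bob.shared_key(mallory_to_bob.public)
    k_mallory_alice = mallory_to_alice.shared_key(alice.public)
    k_mallory_bob = mallory_to_bob.shared_key(bob.public)
    return k_alice, k_bob, k_mallory_alice, k_mallory_bob


if __name__ == "__main__":
    ka, kb = honest_exchange(GROUP_P, GROUP_G)
    print("honest exchange agrees:", ka == kb)
    ka, kb, ma, mb = mitm_exchange(GROUP_P, GROUP_G)
    print("Alice shares with Mallory:", ka == ma, " Bob shares with Mallory:", kb == mb,
          " Alice and Bob agree:", ka == kb)
```

In the honest run both parties derive the same key from values an eavesdropper can see but cannot exploit. In the attacked run each victim ends up sharing a key with Mallory, who can decrypt, read and re-encrypt every message in transit; nothing in the exchange itself reveals this, which is why the public values must be signed or bound to identities by certificates.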

One-way hash functions
This is another interesting cryptographic technique. A one-way hash is a mathematical function that takes a string and scrambles it to a different (smaller) value without using any key. It takes variable-length input, a message of any length, even thousands or millions of bits, and produces a fixed-length output; say, 160 bits. The hash function ensures that, if the information is changed in any way, even by just one bit, an entirely different output value is produced. Its particularity is that it works in only one direction: given a hash value, it is mathematically (almost) impossible to generate the original value. The question is, then, “What is the advantage of encrypting something that you cannot decrypt at all?” It is used to check the integrity of a message. You transmit the message plus the result of a hash function performed on your data. The recipient performs the same hash function on the message and compares the results. If the two hashed values match, it means that the original data has not been tampered with. Another example of the use of one-way hashing is to handle a password check between a workstation and a server:


a) At password creation time, the user enters his new password. The password is hashed and the hashed value is sent to the server to be stored in the user database.
b) At logon time, the user enters his password. The password is hashed and the hashed value is sent to the server, which compares it with the one it has in its database. If they match, it means that the password entered by the user was correct.
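Both uses of a one-way hash from this section, the message integrity check and the two-step password check, as an added example written for these notes (not code from the notes). SHA-256 is assumed as the hash function (a 256-bit output rather than the 160 bits mentioned above); the server type, the user name and the sample message are constructed for the example.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
	"math/bits"
)

// Digest is the one-way function used throughout: SHA-256 maps input of any
// length to a fixed 256-bit value, and no key is involved.
func Digest(data []byte) []byte {
	sum := sha256.Sum256(data)
	return sum[:]
}

// DifferingBits counts the bit positions in which two digests differ; it shows
// that a one-bit change in the input changes roughly half of the output bits.
func DifferingBits(a, b []byte) int {
	n := 0
	for i := range a {
		n += bits.OnesCount8(a[i] ^ b[i])
	}
	return n
}

// VerifyIntegrity is the recipient's side of the integrity check: recompute the
// hash over the received message and compare it with the transmitted hash.
func VerifyIntegrity(msg, transmitted []byte) bool {
	return subtle.ConstantTimeCompare(Digest(msg), transmitted) == 1
}

// ClientHash is what the workstation sends in both steps of the password check:
// the hash of the password, never the password itself.
func ClientHash(password string) []byte {
	return Digest([]byte(password))
}

// Server holds the user database of stored hashes (step a stores, step b compares).
type Server struct {
	users map[string][]byte
}

func NewServer() *Server { return &Server{users: map[string][]byte{}} }

// Enroll is step a): the hashed value received at password creation is stored.
func (s *Server) Enroll(user string, hashed []byte) {
	s.users[user] = append([]byte(nil), hashed...)
}

// Logon is step b): compare the received hash with the stored one. The
// comparison is constant-time so the response time does not reveal how many
// bytes matched.
func (s *Server) Logon(user string, hashed []byte) bool {
	stored, ok := s.users[user]
	if !ok {
		// Compare against a dummy value so an unknown user takes the same time.
		subtle.ConstantTimeCompare(make([]byte, len(hashed)), hashed)
		return false
	}
	return subtle.ConstantTimeCompare(stored, hashed) == 1
}

func main() {
	// Constructed sample message and a copy that differs in a single bit.
	msg := []byte("Transfer 100 to account 42")
	alt := append([]byte(nil), msg...)
	alt[0] ^= 0x01
	fmt.Printf("%s -> %x\n%s -> %x\n", msg, Digest(msg), alt, Digest(alt))
	fmt.Printf("bits differing: %d of 256\n", DifferingBits(Digest(msg), Digest(alt)))

	// Integrity check as the recipient performs it.
	transmitted := Digest(msg)
	fmt.Println("intact message verifies: ", VerifyIntegrity(msg, transmitted))
	fmt.Println("altered message verifies:", VerifyIntegrity(alt, transmitted))

	// Password check between workstation and server.
	srv := NewServer()
	srv.Enroll("alice", ClientHash("correct horse battery staple")) // step a
	fmt.Println("right password:", srv.Logon("alice", ClientHash("correct horse battery staple")))
	fmt.Println("wrong password:", srv.Logon("alice", ClientHash("correct horse battery stable")))
}
```

Two points worth noticing when running it. The integrity check only detects accidental or unauthenticated modification: anyone who can replace the message can also replace the transmitted hash, which is why a keyed MAC or a digital signature is needed against a deliberate attacker. And in the password scheme the transmitted hash is itself the credential, so the workstation-to-server link has to be protected, and stored password hashes in practice are salted and computed with a deliberately slow function rather than a plain SHA-256.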

A digital signature is another means to ensure integrity, authenticity, and non-repudiation. A digital signature is derived by applying a mathematical function to compute the message digest of an electronic message or document, and then encrypting the result of the computation with the signer's private key. Recipients can verify the digital signature with the use of the sender's public key.
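The signing and verification steps just described, as an added example written for these notes (not code from the notes). It assumes SHA-256 for the message digest and RSA PKCS#1 v1.5 for the private-key operation on that digest; the function names and the sample document are constructed for the example.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// NewSignerKey creates a signer's key pair (constructed for the example).
func NewSignerKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// Sign computes the message digest and applies the signer's private key to it,
// exactly the two steps the notes describe.
func Sign(priv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
}

// Verify is the recipient's step: recompute the digest of the received message
// and check the signature against it using the sender's public key.
func Verify(pub *rsa.PublicKey, msg, sig []byte) bool {
	digest := sha256.Sum256(msg)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) == nil
}

func main() {
	signer, err := NewSignerKey()
	if err != nil {
		panic(err)
	}
	someoneElse, err := NewSignerKey()
	if err != nil {
		panic(err)
	}
	doc := []byte("constructed sample: I agree to pay 100 on delivery.")
	sig, err := Sign(signer, doc)
	if err != nil {
		panic(err)
	}

	// Integrity: any change to the document invalidates the signature.
	altered := append([]byte(nil), doc...)
	altered[len(altered)-2] = '0'
	// Authenticity: the signature verifies only under the signer's public key.
	fmt.Println("original under signer's key:   ", Verify(&signer.PublicKey, doc, sig))
	fmt.Println("altered under signer's key:    ", Verify(&signer.PublicKey, altered, sig))
	fmt.Println("original under someone else's: ", Verify(&someoneElse.PublicKey, doc, sig))
}
```

Non-repudiation follows from the same check: a signature that verifies under the signer's public key can only have been produced with the matching private key, so the signer cannot later claim not to have signed, provided the private key was kept private.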

The following engine classes (of the Java Cryptography Architecture) are available:

• SecureRandom: used to generate random or pseudo-random numbers.
• MessageDigest: used to calculate the message digest (hash) of specified data.
• Signature: initialized with keys, these are used to sign data and verify digital signatures.
• Cipher: initialized with keys, these are used for encrypting/decrypting data. There are various types of algorithms: symmetric bulk encryption (e.g. AES, DES, DESede, Blowfish, IDEA), stream encryption (e.g. RC4), asymmetric encryption (e.g. RSA), and password-based encryption (PBE).
• Message Authentication Codes (MAC): like MessageDigests, these also generate hash values, but are first initialized with keys to protect the integrity of messages.
• KeyFactory: used to convert existing opaque cryptographic keys of type Key into key specifications (transparent representations of the underlying key material), and vice versa.
• SecretKeyFactory: used to convert existing opaque cryptographic keys of type SecretKey into key specifications (transparent representations of the underlying key material), and vice versa. SecretKeyFactorys are specialized KeyFactorys that create secret (symmetric) keys only.
• KeyPairGenerator: used to generate a new pair of public and private keys suitable for use with a specified algorithm.
• KeyGenerator: used to generate new secret keys for use with a specified algorithm.
• KeyAgreement: used by two or more parties to agree upon and establish a specific key to use for a particular cryptographic operation.
• AlgorithmParameters: used to store the parameters for a particular algorithm, including parameter encoding and decoding.
• AlgorithmParameterGenerator: used to generate a set of AlgorithmParameters suitable for a specified algorithm.
• KeyStore: used to create and manage a keystore. A keystore is a database of keys. Private keys in a keystore have a certificate chain associated with them, which authenticates the corresponding public key. A keystore also contains certificates from trusted entities.
• CertificateFactory: used to create public key certificates and Certificate Revocation Lists (CRLs).
• CertPathBuilder: used to build certificate chains (also known as certification paths).
• CertPathValidator: used to validate certificate chains.
• CertStore: used to retrieve Certificates and CRLs from a repository.



PGP (Pretty Good Privacy) – a hybrid encryption technology
• Message is encrypted using a symmetric (private key) algorithm (IDEA)
• Key is then encrypted using a public key algorithm (RSA)
• For file encryption, only the IDEA algorithm is used
• PGP is free for home use

